Supplementary Information for Board of Management 2020/2021
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Supplementary Information
for
Board of Management
2020/2021
Webinar 7th September 2020
(ACCS Supports, The Legislative Framework, Appendix to School Self-Evaluation
Report: legislative and regulatory checklist (Post-Primary), Child Protection
Procedures and the Child Protection Schools Inspection Model (CPSI) The
Admissions Act 2018 and GDPR & Data Protection – 2 Case Studies)
1. ACCS Supports
1|Page
The Board of Management Training Video
www.accs.ie
Board of Management Meetings
(See Training Video on www.accs.ie in School Management section)
Chapter 1: Introduction
Chapter 2: My Role as a Board Member
Chapter 3: Composition of the Board of Management
Chapter 4: Understanding How the Board of Management Functions
Chapter 5: Preparation for the Meeting
Chapter 6: The Meeting
Chapter 7: The Roles and Duties of the Chairperson
Chapter 8: Minutes and Agreed Report
Chapter 9: Summary
2|Page
The Work of the Board
Legislative Framework
BOM operation
Governance
Child Protection
Health & Safety
Financial Management (FSSU)
Data Protection & GDPR
Employment
Looking at Our School
The School Plan & Essential Policies
Attendance & NEWB/TUSLA
Curriculum & Planning
School Self Evaluation
Roles & Relationships - The Stakeholders
2. The Legislative Framework
This document is an extract from the Induction of new Principals and Deputy Principals programme
delivered by ACCS in August each year.
Items to consider for inclusion at the first Board Meeting of the year/the first meeting of a new
Board of Management:
1. Ensure BOM is formally appointed by patrons – elected by patrons so must inform patrons of all on
BOM (Agree Liaison Person to make contact between Patrons and BOM).
2. Elect Chairperson.
2. Agree agenda items to be prepared for each meeting.
3. Agree Standing Orders with the BOM – these are the rules which you will adopt if there is a
contentious issue – all speak once/go to vote, if necessary – (remember while Principal is a
member, he/she has no vote, so it will be down to the 10 BOM members to agree system. In the
case of a draw (vote) the Chairperson get 2 votes – rarely, if ever happens.)
4. Remind BOM members that they will receive information and notice of meeting 7 days in advance –
check that you have personal emails for everyone – secretary cannot send material to
office@ emails as it must remain confidential to the individual BOM member.
5. On the establishment of subcommittees, BOM can bring in external expertise if members wish – the
financial sub-committee is a key one to have in place. Principal is entitled to sit on all BOM
sub-committees.
6. Remind BOM members of the difference between nominees and reps – while each is nominated by a
particular body, they are appointed by the trustees and are not representatives of/for anyone, teach-
ers, parents etc. As nominees, their primary function is to act as a member of the overall BOM which
operates as a corporate entity for the good of the school/students.
3|Page
7. Remind BOM members of the importance of confidentiality – who said what, voted in a certain way
etc. is never revealed. The kind of issues which may arise will require confidentiality from all.
8. The Chairperson may exercise the authority of the BOM between meetings if the need arises. In this
instance the Principal will contact the Chair and discuss whatever issue has arisen and seek a deci-
sion. This approach should be discussed, agreed, ratified and recorded at the Board meeting.
9. Agree and minute delegation of suspensions and role of P (up to 3 days Principal, up to 5 days Prin-
cipal & Chairperson, beyond 5 days remains a BOM decision and the Education Welfare
Officer must be informed).
10. Agree and minute signatories on a/cs, cheque books and maximum funding which Principal has au-
thority to spend between Board meetings.
11. Ensure BOM members receive the ACCS information bulletins and any circulars before/between
each meeting via email. These can be read in advance and Principal can refer to them if there is any-
thing pressing/relevant to the meeting.
12. Last item of the meeting is the Agreed Report – Remember Board of Management minutes are con-
fidential to the Trustees, the DES and to the BOM members. The formal record which is sent to the
trustees and DES is the set of minutes agreed at the following meeting when the BOM members
have had a chance to make any corrections etc. Therefore, it is important that the “agreed
report” which is shared with parents and staff after each BOM meeting and pertains to decisions
linked to the day to day running of the school is often issued before the formal minutes are
finalised at the following meeting. This should be agreed by the Board members before the close of
the meeting.
13. Child Protection Report – each meeting (See ACCS Template Report, who will be named as DLP
and DDLP?) Are you both/all trained? See ACCS Template Report.
14. Anti-Bullying Report – once a term.
15. SSE Report - each meeting.
16. Admissions Policy and important dates re enrolment at relevant times during the year.
17. Policy review – BOM should be aware of the process – one new and one for review each year can
be a useful and manageable approach.
18. Schedule when you will have your annual review and signing off by BOM Chairperson of the
relevant documents Anti-Bullying, Child Protection, (March time each year) SSE checklist, - may
leave it till next meeting if not ready to do it at first meeting of year. BOM members should be
familiar with the relevant documents before signing off.
19. BOM needs to adopt the various agreements in place between ACCS and other agencies such as
grievance procedures, parental complaints, harassment etc. Record agreement and adoption by the
BOM at this meeting and make relevant stakeholders aware that all these are on ACCS and school
website.
20. Alert the BOM members to the ACCS website www.accs.ie and ensure each one has the school
password for access – Website has most up-to date information, in particular they may wish to look
at the training video which is divided into distinct chapters and is hosted in the Management Section.
This resource clearly sets out the function and roles of Board Members etc. All circulars and info bul-
letins and any media articles are also available on website.
General BOM Matters:
Ensure attendance and apologies are recorded at each meeting.
School Governance Obligations
Annually:
Annual policy & legislative checklist (SSE)
Annual Review of Anti-Bullying Policy
Annual Review of Child Safeguarding Statement
Annual School Attendance Report submitted to TUSLA
Monitor and review Health & Safety Issues (SCA)
Registration and Annual Return to the CRA (FSSU)
Annual Monitoring and Reporting of Energy Use (SEAI)
Review GDPR policies and procedures
Once per term:
Anti- Bullying Report – once a term
4|Page
H&S report
Each Meeting:
Child Protection Oversight Report (See ACCS Template)
Finance Report from Finance Sub Committee
SSE Report - each meeting
Submit Minutes to School Governance & Trustees
Submit monthly accounts to DES (FSSU)
BOM Responsibility for School Plan: BOM should agree a manageable approach to school policy reviews.
E.g. one new policy and one ratified policy for review each year
Core policies required
Admissions/Enrolment
Attendance (Policy and Attendance Statement)
Code of Behaviour
Suspension and Expulsion
Child Protection (Child Safeguarding Statement) Ensure CP oversight report is attached to BOM minutes)
Health and Safety (Safety Statement)
Special Educational Needs
Data Protection (GDPR)
AUP – Social Media and ICT use in School
Anti-Bullying Policy
Protected Disclosures
Sample Agenda for Board of Management Meeting
Apologies (Record of attendees very important)
Minutes of last meeting (Once ratified, these become the official record of the meeting)
Matters arising from minutes
Correspondence (List)
ACCS Business (Information Bulletins distributed to all members before meeting)
Financial report (Finance sub-committee)
Principal’s Report (Day to day activities of school)
o Child Protection Report
o Anti-Bullying Report
o Health and Safety
o School Discipline
o School Self-Evaluation progress report / Policy Formulation and Review
Particular current issues
o (List)e.g. Building Project
o (List) e.g. Enrolments
Parents’ Association business
Teacher business
Agreed Reports for nominating bodies
Any Other Business
Date of next meeting
3. Appendix to School Self-Evaluation Report: legislative and regulatory
checklist (Post-Primary)
5|PageThis is not an exhaustive checklist. It is intended to assist the board of management in carrying out its
leadership and management responsibilities and functions, as set out in the Education Act (1998), and
within the context of its own school. The completed checklist will contain sensitive information and should
be treated as confidential.
Relevant area Relevant legislation, rule or circular Is your school If no, indicate
fully meeting the aspects to be
requirements of developed
the relevant leg-
islation, rule or
circular?
Time in school Circular M29/95
- Length of school year (minimum of 167 Yes No
days for all year groups)
- Length of school week (minimum of 28
hours for all year groups) Yes No
Standardisation of school year Circular 0009/2017
Yes No
Procedures for submission of data Circular 0038/2014
returns to the Department DTR returns procedures informa-
tion, updated annually on educa-
tion.ie Yes No
Pod and PPOD
Repeating a year – conditions to be met
M2/95 Yes No
Annual returns to Tusla on Section 21 Education (Welfare) Act
Yes No
attendance, suspension & exclusion 2000
Implementation of national agree- Circular 0043/2014
ment regarding additional time require- Circular 0045/2016, points 21-25 Yes No
ment
Development of school plan Section 21 Education Act 1998
Yes No
Engagement with school self- Circular 0040/2016
evaluation process Yes No
Whole-school guidance plan Section 21 Education Act 1998,
Section 21 Education Act 1998, Yes No
Circulars 10,11,12/2017
Guidance provision in post-primary Section 9(c), Education Act 1998,
schools Circular PPT12/05, Circulars Yes No
10,11,12/2017
Exemption from the study of Irish Circular M10/94
Yes No
Implementation of national literacy and Circular 25/2012, Circular 42/2015,
numeracy strategy Interim Review and New Targets Yes No
(2017, DES)
Arrangements for the Implementation of Circular 0015/2017
the Framework for Junior Cycle with
Yes No
particular reference to school years
2017/18 and 2018/19
In-school management structures Part V Education Act 1998,
Yes No
0003/2018
Approved allocation of teaching posts
Yes No
for 2018/19 Circulars 0007, 0008, 0009/2018
Leadership and management posts Circular 0003/2018 Yes No
Parents as partners in education Circular M27/91 Yes No
Digital Strategy Circular 0001/2017 and 0011/2018 Yes No
and
6|PageRelevant area Relevant legislation, rule or circular Is your school If no, indicate
fully meeting the aspects to be
requirements of developed
the relevant leg-
islation, rule or
circular?
Grant Scheme for ICT Infrastructure Digital Learning Plan Yes No
Use of the Digital Learning Yes No
Framework
Implementation of Child Protection Pro- Circular 0081/2017
cedures 2017 Yes No
Please record the following in-
formation in relation to child pro-
tection as reported to the board
Child Protection Oversight Report pre- Yes No
sented at each board meeting
Number of reports submitted by the DLP to
Tusla and reported to the board
Number of cases where the DLP sought
advice from Tusla and as a result of this
advice, no report was made
Number of cases where a mandated person
other than the DLP made a report to Tusla
and notified the DLP
Implementation of vetting National Vetting Bureau (Children Yes No
requirements and Vulnerable Persons) Act 2012
Circular 0026/2015
Circular 0016/2017: Statutory Re-
quirements for Retrospective Vet-
ting
Child Protection Procedures 2017
Implementation of complaints pro- Section 28 Education Act 1998 Yes No
cedure as appropriate Please record the following information
in relation to complaints made by par-
ents during this school year
Number of formal parental complaints re-
ceived
Number of formal complaints processed
Number of formal complaints not fully proc-
essed by the end of this school year
Refusal to enrol Section 29 Education Act 1998 Yes No
Please record information in relation to
appeals taken in accordance with Sec-
tion 29 against the school during this
school year
Number of section 29 cases taken against
the school
Number of cases processed at informal
stage
Number of cases heard
Number of appeals upheld
Number of appeals dismissed
Suspension of students Section 29 Education Act 1998 Yes No
Please record information in rela-
tion to appeals taken in accor-
dance with Section 29 against the
7|PageRelevant area Relevant legislation, rule or circular Is your school If no, indicate
fully meeting the aspects to be
requirements of developed
the relevant leg-
islation, rule or
circular?
school during this school year
Number of section 29 cases taken against
the school
Number of cases processed at informal
stage
Number of cases heard
Number of appeals upheld
Number of appeals dismissed
Expulsion of students Section 29 Education Act 1998
Yes No
Please record information in relation to
appeals taken in accordance with Sec-
tion 29 against the school during
this school year
Number of section 29 cases taken against
the school
Number of cases processed at informal
stage
Number of cases heard
Number of appeals upheld
Number of appeals dismissed
8|PageAppendix to School Self-Evaluation report: policy checklist (Post-Primary)
Policy Relevant legislation, circulars, guidelines If no,
Has the policy
indicate
been approved by
aspects to
the Board of
be
Management?
developed
Enrolment policy Section 15(2)(d) of Education Act
Equal Status Acts 2000-2011 Yes No
Circular M51/93
Attendance & participation Circular M51/93
1
strategy Section 22, Education (Welfare) Act 2000
Yes No
Code of behaviour, including Circular M33/91
2
anti-bullying policy NEWB guidelines Developing a Code of Behaviour:
Dignity in the Workplace Guidelines for Schools
Charter Section 23, Education (Welfare) Act 2000
Equal Status Acts 2000-2011 Yes No
Anti-bullying Procedures for Primary and Post-
primary schools 2013, and Circular 45/13
Section 8(2)(b), Safety, Health and Welfare at Work
Act 2005
Child Protection Procedures Circular 0081/2017
and Child Safeguarding Yes No
Statement
Annual attendance report to Section 21, Education (Welfare) Act 2000
Tusla and Parents’ Yes No
Association
Health and Safety Health and Safety Act 2005
Yes No
Statement Section 20
Critical Incident Responding to Critical Incidents: Guidelines and
Management policy Resource Materials, NEPS 2016 Yes No
Data protection General Data Protection Regulations (GDPR)
May 2018: see www.dataprotectionschools.ie Yes No
Special educational needs / Education Act (1998)
3
Inclusion policy Equal Status Acts (2000 to 2011),
Education (Welfare) Act (2000),
Education for Persons with Special Educational Yes No
4
Needs Act (EPSEN) (2004)
Disability Act (2005))
Circular 0014/2017
Relationships and sexuality Circulars 37/2010, 23/2010, 0027/08
education (RSE) policy
Yes No
Substance use policy Department of Education and Skills Directive;
guidelines issued to schools in 2002 Yes No
Internet acceptable use National Council for Technology in Education
policy (NCTE) Guidelines, 2012 (www.webwise.ie)
Yes No
For DEIS schools only: DEIS Plan 2017
Department of Education and Skills Guidelines on
DEIS Action Plan the appropriate use of the DEIS Grant (updated
Yes No
annually)
1
Under the provisions of the Education (Welfare) Act (2000) (section 22) the school’s attendance strategy should conform to the provisions stipu-
lated.
2
Under the provisions of the Education (Welfare) Act (2000) (section 23) the school’s code of behaviour should conform to the specifications stated.
3
Section 9 of the Education Act (1998) requires a school to “use its available resources” to identify and provide for the educational needs of those
“with a disability or other special educational needs.”
4
The EPSEN Act requires that schools be inclusive of and provide an appropriate education for students with special educational needs.
9|Page4. Child Protection Procedures and the Child Protection Schools Inspection
Model (CPSI)
(Relevant ACCS/Info Bulletins) Schools are advised to check the most up to date DES FAQ information on
www.education.gov.ie
ACCS/Info Bulletin 09/19 (Feb 11th, 2019)
Re: Review of the Child Safeguarding Statement.
th
All schools were obliged to have a Child Safeguarding Statement in place by 11 March 2018. Section 8.13 of Child
Protection Procedures for Primary and Post Primary Schools 2017 require that the Child Safe Guarding Statement be
reviewed annually.
Section 8.13.4 of the Procedures states:
As part of its annual review of the Child Safeguarding Statement, the board of management must seek feedback from
parents in relation to the school’s compliance with the child safeguarding requirements of these procedures. As part of
the review, the views of pupils on the school’s safeguarding arrangements should also be sought by the board of
management. This should be done in a manner appropriate to the age and maturity of the children concerned. Any
areas for improvement identified as a result of feedback from parents and pupils should be addressed.
The Procedures also state that written notification that the review has taken place shall be provided to the Parents
Association and to the school Patron. To assist in meeting this requirement, the Department has published the
following templates which are also attached to this Information Bulletin:
Mandatory Template 3: Checklist for Review of the Child Safeguarding Statement.
Mandatory Template 4: Notification regarding the Board of Management’s review of the Child Safeguarding
Statement
Additional information and templates regarding Child protection were previously issued in ACCS Info Bulletin 05/19 See
below
ACCS/Info Bulletin 05/19 (Jan 28th, 2019)
Re: Introduction of the Child Protection Schools Inspection Model.
Mandatory reporting of child protection concerns by teachers and greater oversight of child protection arrangements in
schools were among a range of changes that came into effect with the introduction of new Child Protection Procedures
for Primary and Post-Primary Schools in December 2017.
Please note:
It is important that school management is familiar with the requirements detailed in ‘A Guide to Child Protection
and Safeguarding Inspections’ issued by the Inspectorate. (See on www.accs.ie)
The Child Safeguarding Statement & associated Risk Assessment must be posted in a prominent public area
in the school, e.g. beside reception and on the school website.
In the event that a school is found not fully compliant during the initial CPSI Inspection, a second inspection will
be held where the school will have the opportunity to address any outstanding issues. Both reports will be
published at the same time on the DES website.
The Department has also issued the following documentation to support schools meeting their child protection
responsibilities:
Mandatory Templates
Schools must use the Child Safeguarding Statement and Risk Assessment templates. There are 4 templates:
Mandatory Template 1: Child Safeguarding Risk Assessment Template.
Mandatory Template 2: Child Safeguarding Statement Template.
Mandatory Template 3: Checklist for Review of the Child Safeguarding Statement.
Mandatory Template 4: Notification regarding the Board of Management’s review of the Child Safeguarding
Statement
Optional Templates and other supporting documents (CPSI recommend use of these templates)
The Department has developed a number of optional templates that Schools can choose to use:
Optional Template A: Record of how the allegation and/or concern came to be known to the DLP and record of
DLP’s phone call seeking advice of Tusla (Sections 5.1.1 and 5.3.3)
Optional Template B: Template statement from DLP to a member of school personnel as to the reasons why a
report has not been made to Tusla (Section 5.3.8 of the Procedures)
Optional Template C: Record of DLP informing or not informing a parent/care that a report concerning his or
her child is being made (Section 5.3.6 of the Procedures)
Optional Template D: Template written notification from DLP to a parent where a child protection concern about
a member of school personnel has been raised by a parent(Section 5.6.2 of the Procedures)
Optional Template E: Template Check List for preparing the Principal’s Child Protection Oversight Report
(CPOR)
10 | P a g e Optional Template F: Template for recording documents provided to the Board of Management as part of the
CPOR
In addition, the Department has also developed a number of supporting documents which schools may wish to refer to:
Child Protection Case File Checklist
Guidance note on the use of unique codes or serial numbers
Communications Checklist – Child Safeguarding Statement (Sections 8.11 and 8.13.6 of the Procedures)
FAQs in relation to the Principal’s Child Protection Oversight Report (CPOR)
See also ACCS/Info Bulletin 61/18
ACCS/Info Bulletin 52/18 (Oct 1st, 2018)
Re: Child Protection Procedures for Primary and Post-Primary Schools 2017.
The Department has developed the following documents in relation to the Child Protection Oversight Report
requirements of the Child Protection Procedures for Primary and Post-Primary Schools 2017. (All available at
www.accs.ie)
Frequently Asked Questions in relation to the CPOR
Template for preparing a Child Protection Oversight Report, CPOR
Template for recording documents provided to the Board under the CPOR
It is intended that the FAQ and templates will assist Principals and Boards in relation to the CPOR requirements. The
completed templates must be appended to the relevant Board minutes as a means of recording the relevant
information in the minutes. (See question 12 on the FAQ).
These documents can also be accessed on the on the Child Protection Page of the Department of Education and Skills
website. Schools are advised to keep a check on the information in the FAQ document as this document is live
and is amended on a regular basis.
Also available on www.accs.ie for your information is an outline provided by the Department’s Teacher Education
Section of current training provision by the PDST.
Covid-19 See also ACCS/Info Bulletin 56/20 Re: Arrangements for Inspection and School Self-Evaluation
for the 2020/2021 School Year. The Department of Education and Skills has issued CL 41/2020 (attached),
Arrangements for Inspection and School Self – Evaluation for the 2020/2021 School Year.
5. The Admissions Act 2018
Current legal framework
Education Act 1998
• Section 9(m) - establish and maintain an admission policy which provides for maximum accessibility to the
school
• Section 15(2)(d) - ensure that the principles of equality and parental choice, are respected, while having regard
to the characteristic spirit of the school and the constitutional rights of all persons concerned.
• Sections 29 and 33
Education (Welfare) Act 2000
• Section 19(1) - board of management shall not refuse to admit a student except where the refusal is in
accordance with the admission policy of the school.
• Section 23(4) - can make enrolment of a student conditional on parents’ confirmation in writing that the school’s
code of behaviour is acceptable to them
Equal Status Act 2000
• Section 3 prohibits discrimination on 9 grounds
• Section7(3)(a) - single gender schools
• Section7(3)(c) - denominational schools
• Section 7(3) has been amended by s.11 of the new Act
------------------------------
Education (Admission to Schools) Act 2018
• Inserts Part X Admission to Schools into Education Act 1998
3 sections commenced:
• s.60 Definitions
• s.64 Prohibition on charging admission and enrolment fees
• s.66 Cooperation between boards of management
Section 62: The Admission Policy
• Relative autonomy in respect of criteria and process
11 | P a g e• When commenced, schools will have three months to publish draft policy
• Patron to review policy and approve or specify modifications
Grounds of refusal
1. Where the school is oversubscribed
2. Where parents fail to confirm in writing that the code of behaviour of the school is acceptable to them
3. Where the school admits students of one gender only and refuses to admit as a student a person who is not of
that gender
4. Where a denominational school refuses to admit as a student a person who is not of that denomination and it is
proved that the refusal is essential to maintain the ethos of the school
5. Where the student does not meet criteria of special school
6. Where the student does not meet criteria of special class
Date of Application
• Potentially problematic for schools that take names over five years in advance of the year of entry
• Section and Act do not address the situation where parents have been offered and accepted places
Annual Admission Notice
• Requirement to state number of places being made available
• Where oversubscribed in the previous year, provide breakdown of applications received and offers made by
reference to each of the selection criteria
• Data on oversubscribed schools in public domain
6. GDPR and Data Protection – 2 Case Studies
a. Disclosure of CCTV footage from a direct provision centre.
The complainant discovered the disclosure while live on air on a radio station when the radio host said that he was in
possession of CCTV of the complainant taken in the direct provision centre. The complainant made a Data Access Re-
quest to the owners of the centre to establish with whom they had shared the footage and how it had ended up in the
hands of the radio centre. The access request was not replied to.
The complaint then brought a complaint to the Data Protection Commission (DPC). Although the DPC was unable to
establish how the CCTV footage in question came to be in possession of a radio station, the DPC found that ulti-
mately the complainant’s rights were infringed.
In this regard both the RIA (owners of the director provision centre) and Aramark (the managers) failed in their duty of
care to the complainant by failing to ensure that appropriate security measures were taken against the unau-
thorised disclosure as required by Section 2(1)(d). The DPC also decided that a contravention of Section 2C(2) of the
Data Protection Acts 1988 and 2003 had occurred. This provision requires a controller to take reasonable measures to
ensure that its employees and other persons at the place of work are aware of and comply with security meas-
ures. The lack of agreed procedures and in-depth policies in place between the RIA and Aramark relating to the
transfer of personal data over a network led to this decision.
This case illustrates the unintended and unforeseen consequences which can result from an absence of clear,
documented policies and procedures governing the transmission of personal data over a network. In this case, that
failure was compounded by the further failure by the RIA to also have a written agreement* in place which clearly set
out the parameters of Aramark’s instructions to process personal data on behalf of the RIA.
As this case demonstrates, such failures by a controller to comply with its data protection obligations are not just ad-
ministrative or regulatory breaches but can result in grave incursions into an individual’s Charter protected right to pro-
tection of their personal data which otherwise should have been avoidable.
*Template Data Processing Agreements are available from the Data Protection Advisor in the ACCS.
b. The importance of data controllers having appropriate mechanisms in place to respond to access re-
quests and document compliance.
12 | P a g eThe Data Protection Commission (DPC) received a complaint from a data subject concerning the alleged failure of eir to comply in full with an access request. The complainant advised the DPC that in response to his access request he had received from eir what he described as “a bundle of random pages of information without any explanation of con- tent”. In the course of their investigation the DPC established that eir was in fact seeking to rely on certain statutory ex- emptions to the right of access. However, in its response to the requester’s access request, it had not referred at all to the fact that it had withheld certain personal data. It was only in communications with eir, during the course of the DPC’s investigation, some five months after eir’s receipt of the access request, that eir indicated that they were with- holding personal data based on exemptions and outlined the details of the exemptions relied on by reference to an at- tached list. In the course of their investigation it also became apparent to the DPC that eir was unable to determine what per- sonal data had actually been provided to the complainant as it had not retained a copy of the personal data which had been provided. As a consequence of the lack of records kept on the personal data which had been released, eir was also unable to identify what personal data had been withheld/ not provided either in reliance on an exemption under the Data Protection Acts 1988 and 2003, or otherwise. While ultimately the complainant in this case withdrew his complaint against eir, the issues identified during the course of the DPC’s investigation underline the critical importance of data controllers having adequate organ- isational and operational mechanisms to allow them to comply with their statutory obligations with regard to access re- quests. However, it is equally important that a data controller is able to post facto demonstrate (where required by the DPC, such as in the context of a complaint) compliance with its obligations. A data controller must be able to justify decisions it has taken to deny access to personal data in reliance on one or more statutory exemptions. This case study also underscores the fact that the right of an individual to access personal data held about them is not just about being provided with access to the data itself. Importantly it is also concerned with sufficient, meaning- ful information being given to the data subject so that they can understand, amongst other things, what personal data is processed about them, in what circumstances and for what purposes. In this case the provision of a bundle of unexplained documents in response to the access request failed to satisfy the minimum requirements applicable to eir as a data controller under Section 4 of the Data Protection Acts 1988 and 2003, ultimately causing confusion for the data subject and prompting a complaint to the DPC. 13 | P a g e
You can also read
